﻿using Sentinel.OAuth.Core.Constants.Identity;
using Sentinel.OAuth.Core.Interfaces.Identity;
using Sentinel.OAuth.Core.Interfaces.Managers;
using Sentinel.OAuth.Models.Identity;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;

namespace Inovout.Membership.Security.OAuth.AuthorizationServer
{
    public class ClientManager : IClientManager
    {
        public async Task<ISentinelPrincipal> AuthenticateClientAsync(string clientId, IEnumerable<string> scope)
        {
            return await Task<ISentinelPrincipal>.Run(() =>
            {
                return new SentinelPrincipal(new SentinelIdentity(AuthenticationType.OAuth, new SentinelClaim(ClaimTypes.Name, clientId)));
            });
        }

        public async Task<ISentinelPrincipal> AuthenticateClientAsync(string clientId, string redirectUri)
        {
            return await Task<ISentinelPrincipal>.Run(() =>
            {
                return new SentinelPrincipal(new SentinelIdentity(AuthenticationType.OAuth, new SentinelClaim(ClaimTypes.Name, clientId)));
            });


        }

        public async Task<ISentinelPrincipal> AuthenticateClientCredentialsAsync(string clientId, string clientSecret)
        {
            // Return an authenticated principal if the client secret matches the client id
            if (clientId == clientSecret)
            {
                return new SentinelPrincipal(new SentinelIdentity(AuthenticationType.OAuth, new SentinelClaim(ClaimTypes.Name, clientId)));
            }
            return await Task<ISentinelPrincipal>.Run(() =>
            {

                return SentinelPrincipal.Anonymous;
            });
        }
    }
}
